Wallarm is looking to gain share in the growing market for application security, with continued advancements to the company’s Framework for Automatic Security Testing, or FAST, platform.
On Oct. 22, Wallarm announced that it raised $8 million in a Series A round of funding, led by Toba Capital and including the participation of Y Combinator, Partech and Gagarin Capital. Alongside the funding, the company is rolling out the latest update of its FAST platform that provides improved vulnerability detection.
“We want to invest more in developing the FAST product but more importantly in building a community for developers interested in practical security and security gurus who want to spread the wisdom,” Ivan Novikov, co-founder and CEO of Wallarm, told eWEEK. “The other direction we want to invest in is security research, since we believe that only people with deep security expertise can build the right models for machine learning and security automation.”
Founded in 2013, Wallarm had previously raised $2.3 million in seed capital. The FAST 1.0 technology was announced on April 26, providing automated security test capabilities for applications. The FAST platform makes use of fuzzing and other techniques to generate automated tests for application code.
FAST is a module on the larger Wallarm application security platform that is powered by artificial intelligence (AI) capabilities. There are several modules working together on the Wallarm platform, including Next Generation Web Application Firewall (NGWAF), Dynamic Application Security Testing (DAST), Active Threat Verification and FAST, according to Novikov.
“While FAST is a part of Wallarm platform, unlike the other modules it is also available as a stand-alone product,” he said.
FAST 2.0
Since the FAST 1.0 release in April, Novikov said the product has started to build a following and user base. Feedback from the initial group of customers has now helped Wallarm build the feature set for FAST 2.0. Among the major new features in FAST 2.0 are custom codeless detect definitions by customers.
“It’s possible now to automate detection of custom issues and vulnerabilities to improve basic OWASP Top 10 and fuzzing tests,” he said.
Novikov said that another new feature is a Jenkins integration plugin, which enables the integration of FAST with CI/CD (continuous integration/ continuous development) systems easily. He noted that previously only API-based integration was available.
While Wallarm’s technology is not open source, the company is enabling its customers to request and review its source code under certain contractual conditions. Looking forward, Novikov said Wallarm will continue to improve its application security platform.
“We want to continue our product expansion by releasing new unique approaches to improve our signatureless detection, Active Threat Verification and fuzzing with new impressive techniques,” he said.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.